Security Analyst Data

Location:
Charlotte, NC
Posted:
November 07, 2023

Resume:

Nabi Nur

Email:

ad0xfw@r.postjobfree.com

Cell # 323-***-****

Profile Summary

Diligent IT professional with a career of more than 10 years, adeptly serving as a SOC security analyst, cyber security analyst, cloud security analyst, data analyst, and systems analyst. Proficient in leveraging customer-centric strategies to elevate user experiences, optimizing quality standards, and adeptly navigating dynamic environments for robust growth. Recognized for consistently achieving objectives, surpassing established timelines, and enhancing overarching performance benchmarks.

Technical Skills

Microsoft Defender for cloud, Microsoft Sentinel, SIEM, Azure Log Analytics

Azure CAF, Azure Well-Architected Framework

Microsoft Entra ID (Azure AD), PIM, IAM, RBAC, MFA

Azure Workbooks

ATT&CK, OWASP, HIPAA, NIST, HITRUST, ISO, PII, PCI DSS, FINRA, FedRAMP High

Project Management, Agile/Scrum

Vulnerability assessment, Event log evaluation

Azure DevOps Security, Azure DevOps, CI/CD, Configuration, GitHub

Malware, viruses, worms, trojan horses, and spyware

Microsoft Cloud Security Benchmark, Azure Security Benchmark, Azure Policy and Blueprints

Azure Security alert monitoring

Microsoft Azure Cloud products and services

Certifications

AWS Certified Solutions Architect Associate

Education

Master of Science, Public Administration

Bachelor of Science, Public Administration, Computer Science

Professional Experience

J and J, New Brunswick, NJ

SOC Security Analyst

Incident Response Analyst

Cyber Security Analyst

October 2021 – Present

State Farm Insurance, Bloomington, IL

SOC Security Analyst

Incident Response Analyst

Cloud Security Consultant

April 2020 – October 2021

Identify and ingest indicators of compromise (IOCs), e.g., malicious IPs/URLs, etc., into network tools/applications.

Stay up to date with current vulnerabilities, attacks, and countermeasures with security blogs and internal news reports from CISA, DHS, Akamai

Conducted periodic security audits and vulnerability assessments to identify and mitigate potential security risks.

Perform incident monitoring, response, triage and initiate investigations

Create and track incidents and requests using a ticketing tool (ServiceNow)

Analyze security event data from the network (IDS, SIEM)

Perform investigations and evaluations of network traffic, read and interpret logs, sniff packets, and perform PCAP analysis with RSA Security Analytics and Wireshark

Escalate any security incident (the confidentiality, integrity or availability of any information or information asset that is negatively impacted) to the Incident Response (IR), Incident Management team (IMT), Forensic Management Analysis team (FMAT) as needed

Conduct analysis using Splunk ES

Identify suspicious/malicious activities or codes

Perform domain and email analysis

Participate in phishing campaigns

Continuously monitor and interpret threats using the IDS and SIEM tools

Investigate all reported suspicious emails and determine whether the emails are malicious, non-malicious or legitimate and reply to the user who reported the suspicious email with a message reporting the findings and any recommendations

Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift.

Performed security audits, analyzed findings, and generated detailed reports.

Developed and delivered DLP and data security training programs.

IDS monitoring and analysis through SIEM

Analyze network traffic for potential threats

Complete log analysis as needed, prioritizing and differentiating between potential intrusion attempts and false negatives

Create and track investigations to resolution

Compose security alert notifications

Ensure searches for Indicators of Compromise (IOCs) are completed when reported, through EDR tools

Monitor reported spam and phishing emails

Advise incident responders on steps to take to investigate and resolve computer security incidents

Review violations of computer security procedures and develop mitigation plans

Monitor computer virus reports to determine when to update virus protection systems

Led Architecture Design Sessions for prominent enterprise and Government clients.

Utilized Azure Data Factory integration runtime to orchestrate data ETL processes effectively.

Bank of America, Charlotte, NC

Azure Cloud Engineer

July 2019 – April 2020

Resolved issues for premier and enterprise customers across a diverse range of scenarios related to Azure products and services.

Provided engineering-level assistance to premier and enterprise customers, ensuring strict adherence to EU GDPR regulations concerning privacy.

Maintained compliance with Service Level Agreements (SLAs) by addressing customer issues across various aspects, including account management, portal functionality, and billing inquiries.

Ensured adherence to Microsoft's End User License Agreement (EULA) regulations pertaining to privacy.

Assisted premier and enterprise customers with a broad spectrum of concerns, ranging from difficulties with Azure portal access to scaling up quotas for virtual machine cores.

Conducted analysis of logs and other data to effectively troubleshoot and resolve intricate customer issues.

Collaborated with customers to gain a comprehensive understanding of their Azure accounts, portal functionality, and billing challenges.

Oversaw the successful implementation of new systems for customers, including tasks such as data migration.

Duke Energy, Charlotte, NC

Security Analyst

January 2019 – July 2019

Managed information security risk management, identity theft prevention, incident management programs, and an Intelligence program analyzing customer data using both open-source and proprietary solutions.

Generated management reports detailing network security status and providing recommendations for the adoption of new policies, standards, and procedures.

Designed innovative technologies, including but not limited to threat analysis tools, network monitoring systems, advanced malware detection solutions, and data loss prevention mechanisms.

Developed, coordinated, implemented, and maintained standards and procedures aimed at safeguarding the security and integrity of information systems and data.

Monitored and analyzed network traffic to extract insights from known malicious actors, leveraging this knowledge to formulate countermeasures against potential threats.

Presented analysis outcomes to senior management and collaborated closely with other Information Technology teams to enhance security controls, conduct forensic analysis of computer systems, and address malware-related concerns.

Introduced security metrics to mitigate vulnerabilities by analyzing historical threats, addressing risks, gaps, and violations, and implementing enhanced web protocols.

JP Morgan and Chase, Newark, DE

System Analyst

July 2018 – January 2019

Created automated shell scripts to streamline release processes and enhance Production Support tasks, including log file backups, account creations, and application security measures.

Proficient in deploying, configuring, and administering various build and release tools.

Developed automated operational utilities for managing privileged access, thereby reducing risk and bolstering security measures.

Ensured the compatibility of the LAN with individual workstations to guarantee system functionality, network connectivity, and security.

Maintained and assumed responsibility for network backups, both on-site and off-site, and executed disaster recovery plans effectively.

Toyota Motor Corporation, Los Angeles, CA

System Analyst

July 2017 – July 2018

Developed and executed manual and automated test plans.

Conducted mobile app testing and cross-browser testing.

Utilized ALM for test case management and defect tracking.

Wrote PL/SQL queries for data validation.

PNC Bank, Pittsburgh, PA

System Analyst

January 2016 – July 2017

United Healthcare, Minneapolis, MN

System Analyst

Feb 2015 – Jan 2016

Conducted manual and automated software testing.

Performed various testing types including GUI, integration, regression, and more.

Conducted compatibility testing and data validation.

Developed and executed ETL mappings, source code.

Deployed code using Ansible Tower automation tool.

Utilized BMC Remedy for incident management and defect tracking.

Wrote PL/SQL queries for data validation and ETL testing.
